(54) A method for protecting user data stored in memory of a mobile communication device,
particularly a mobile phone



(57) The present invention provides a method for
protecting user data stored in a memory of a mobile
communication device, particularly a mobile phone,
comprising the following steps: inputting an identification
string; and associating an internal access key with
said identification string to provide access to corresponding
user data stored in the user data memory (13)
of the mobile communication device (10).
Description

BACKGROUND OF THE INVENTION 

[0001] The present invention relates to a method for 
protecting user data stored in a memory of a mobile 
communication device, particularly a mobile phone. 
[0002] Although applicable to any smart-phone, the
present invention and its underlying problems will be
discussed with particular reference to GSM mobile
phones.

[0003] In the current ETSI specifications (ETSI = European
Telecommunications Standards Institute), the
only user specific storage that is protected is the SIM
card itself, e.g. according to GSM 11.11. Namely, data
stored on the SIM (SIM = subscriber identification module)
card are protected by the PIN code (PIN = personal
identification number). However, it is not specified in the
current ETSI specifications how to protect data held in
a SIM-external storage.

[0004] A problem occurs when a mobile phone is used 
by more than one user (SIM) and when this mobile 
phone contains user specific user data storages like, for 
example, an email in-box, a fax inbox, spread-sheets, 
documents, etc. 

[0005] These storages can be easily protected by 
passwords, but the storage is not protected against users
willing to spend some time getting the stored data.
Media like FLASH memories and other integrated circuit 
storages can be read by means of in-built hardware test 
interfaces, and PCMCIA based storage can be read 
from other devices. From the personal computer world 
it is already known that BIOS passwords are easily 
avoided by hardware resetting the backup battery of the 
motherboard, passwords in different programs can be 
cracked and that hard-drive data can be read directly on 
the surface of the disc. 

SUMMARY OF THE INVENTION 

[0006] The present invention provides a method for
protecting user data stored in a memory of a mobile
communication device, particularly a mobile phone, according
to claim 1.

[0007] A particular advantage of the method according
to the invention is that there is no access to user
data unless the correct SIM has been inserted and the
identification string has been entered.

[0008] Further, data stored in a way dependent on the
correct SIM-data can/may be ciphered. Two "passwords"
have/may have to be correct user controlled
passwords and/or SIM dependent passwords. The data
can be ciphered with SIM dependent keys or other keys.

[0009] The principal idea underlying the present invention
is to use internal data such as SIM-data stored
on the SIM-card as basis for an internal access key
wherein said SIM-data are already protected by the PIN
code. If user data stored in other storage means, i.e.
serial FLASH, EEPROM, etc., are made dependent
thereon and only readable if the PIN on the SIM-card is
verified, the data accessibility is dependent on the PIN-number
being verified on the SIM-card and on the fact
that the correct SIM is inserted.

[0010] Preferred embodiments of the present invention
are listed in the dependent claims.

[0011] According to a preferred embodiment, SIM-data
stored in the SIM card are read and used as a basis
for said access key.

[0012] According to a further preferred embodiment,
said access key provides access to a coding/decoding
algorithm for coding/decoding the user data.

[0013] According to a further preferred embodiment,
the access key is generated by an access key generation
algorithm on the basis of the read out SIM-data.

[0014] According to a further preferred embodiment,
the SIM-data which is used as the basis for an access
key is specified by a primary user.

[0015] According to a further preferred embodiment,
the SIM-data which is used as the basis for an access
key is specified by the network provider of the mobile
communication device.

[0016] According to a further preferred embodiment,
the SIM-data is the International Mobile Subscriber
Identity IMSI or SIM card serial number.

[0017] According to a further preferred embodiment,
the SIM-data which is used as the basis for an access
key is specified by the manufacturer of the mobile communication
device.

[0018] According to a further preferred embodiment,
the identification string is the personal identification
name and/or the password which are input by a user.

[0019] According to a further preferred embodiment,
the identification string is the personal unblocking code
PUC.

[0020] According to a further preferred embodiment,
the coding/decoding algorithm is stored in a storage area
of the user data memory.

[0021] According to a further preferred embodiment,
the coding/decoding algorithm is stored in the SIM-card.

[0022] According to a further preferred embodiment,
the user data memory is subdivided into user data storage
areas which are accessible by inputting corresponding
passwords.

[0023] According to a further preferred embodiment,
the identification string is sent to the mobile phone by
the network provider as part of a cancellation command
specified by the network provider to access the user data
memory for deleting user data and/or corresponding
identifications stored within the user data memory.

BRIEF DESCRIPTION OF THE DRAWINGS 

[0024] The present invention will become more fully
understood by the following detailed description of preferred
embodiments thereof in conjunction with the accompanying
drawings, in which:

Fig. 1 shows a partial schematic illustration of a
smart-phone for explaining an embodiment of
the invention;

Fig. 2 shows a flowchart of the procedure for generation
and/or getting an access key;

Fig. 3 shows a flowchart for the procedure for generation
and/or getting of an access key from
a SIM card; and

Fig. 4 shows a flowchart for the procedure when
turning on the mobile phone with the access
key saved or generated at "power on".

DESCRIPTION OF THE PREFERRED EMBODIMENTS

[0025] As reference signs in Fig. 1, 10 denotes an
electrical device, 11 a memory access means implemented
in hardware or software, 12 a password controlled
by the user, 13 a user data storage like FLASH disc,
EEPROM, etc., 14 an MMI (man-machine-interface), 20
a SIM card, 21 an access key generation means, 22
SIM-data stored in SIM card 20 like IMSI, SIM serial
number, etc., 30 an output line for communicating user
data out of the electrical device 10 in coded or decoded
form, 31 an input line for communicating user data into the
electrical device 10 in coded or decoded form, 32 a line
for transferring user data for decoding or encoding, 33
a line for transferring user data coded or decoded, 34
an output line of an access key generation means 21 to
be used as input to the memory access means 11, 35 a
user controlled password signal line, 36 a line for transferring
SIM-data like the SIM serial number, etc. (this
store can be outside the control of the user), and 37 a
signal line for transferring a user controlled password
signal.

[0026] The user data stored in the user data memory
13 of the electrical device 10 is protected by inputting
an identification string, e.g. a number, which is supplied
to the memory access means 11 via line 31. Within the
memory access means 11 the input identification
number is compared with a stored user identification
number and then it is verified whether those numbers
are identical.

[0027] In case that both numbers are identical, i.e. the 
user is listed and the password is correct, the SIM-data 
stored in the SIM card 20 is read out and used as the 
basis for an access key to provide access to the user 
data stored in the user data memory 13 of the mobile 
communication device 12. The read out SIM-data stored 
in the memory area 22 of the SIM card 20 is used as a 
basis for an access key to a coding/decoding algorithm 
within the memory access means 11 for coding/decoding
the user data.

[0028] One way to evaluate whether access is allowed is to
check whether clear text or garbage text is output from
the memory.

[0029] The access key for the memory access means
is either SIM-data stored in the memory area 22 of the
SIM-card 20 or may be generated by the access key
generation algorithm 21 on the basis of SIM-data read
out via line 36. The generated access key is supplied to
the memory access means 11 via line 34. The SIM-data
stored in the memory area 22 of the SIM card 20 is either
specified by the primary user or by the network provider
of the mobile communication device. SIM-data specified
by the network provider is, for instance, IMSI i.e. the International
Mobile Subscriber Identity. Alternatively the
SIM-data which is used as a basis for generating an access
key might be specified by the manufacturer of the
mobile communication device, e.g. the SIM-serial
number.

[0030] The identification number input by the user is
either a personal identification number known to the user
or a personal unblocking code PUC. The coding/decoding
algorithm of memory access means 11 is either
stored in a special storage area of the user data memory
13 or preferably stored in the SIM card 20.

[0031] The user data memory 13 is subdivided into
different user data storage areas which are accessible
by inputting corresponding passwords.

[0032] In case that the mobile device is stolen, SIM-data
might be sent to the mobile communication device
by the network provider as a message as part of a cancellation
command specified by the network provider to
access the user data memory 13 for deleting the user
data and/or corresponding passwords stored within that
user data memory 13.

[0033] User data can be protected by running the data
through the coding/decoding means 11, either by taking
existing data from the user data storage 13, coding it
and then returning it to the user data storage 13 or by
coding new data before storing it.

[0034] The coding/decoding means 11 can use an algorithm
like GEA (e.g. GSM GPRS enciphering algorithm,
GSM 01.61, if ever allowed), any simple random
number generator with the key as seed, etc.

[0035] The access key for the coding/decoding algorithm
of memory access means 11 is preferably generated
on the SIM card 20 with SIM-data input from the
SIM-data-storage area 22 via line 36. The key generating
algorithm 21 can be like the A3 authentication algorithm
or the A8 ciphering key algorithm, which are both
available on every GSM SIM, as defined in GSM 11.11.

[0036] The SIM card 20 either generates or saves an
access key. The access key may be available for the
user, the network provider, manufacturer or may be totally
unavailable to anything but the access protection
algorithm.

[0037] Fig. 2 shows a flowchart of the procedure for
generation and/or getting an access key.

[0038] After accessing and application start in step
S10, username and password are queried in steps S20
to S50. After successful log-in, the access key is internally
generated or looked-up (if already existent) in step
60, and the allowed data become available in step 70.

[0039] Fig. 3 shows a flowchart for the procedure for
generation and/or getting of an access key from a SIM
card.

[0040] Like in Fig. 2, after accessing and application
start in step S10, username and password are queried
in steps S20 to S50.

[0041] After successful log-in, the access key in step 
S60'-S70', wherein SIM-data stored in the SIM card are 
read and used as a basis for said access key, and the 
allowed data become available in step 80'. 
[0042] The protected data is accessed either directly 
or through an application and is protected by more than 
an access key generated by the SIM card, i.e. the user 
data is further protected by the user name and by the 



2. The method according to claim 1, wherein SIM-data
stored in the SIM card are read and used as a basis
for said access key.

3. The method according to claim 1 or 2, wherein said
access key provides access to a coding/decoding
algorithm (11) for coding/decoding the user data.

4. The method according to claim 2 or 3, wherein the
access key is generated by an access key generation
algorithm (21) on the basis of the read out SIM-


[0043] Fig. 4 shows a flowchart for a procedure which
is performed when the mobile communication device is
turned on and the access key is saved or generated at
"power on". When the mobile phone is turned on (step
S100), it is checked whether the SIM-PIN is enabled
(step S200). In case that the SIM-PIN is enabled it is
requested to input a PIN number (step S300) which is
then compared with the stored correct PIN number (step
S400). In case that the PIN number which has been input
by the user is identical to the stored correct PIN
number, the SIM-data information is read out of the SIM-data
area 22 and on the basis of the read out SIM-data
the access key is generated by the access key generation
means (step S500). The access key is then used to
provide access to the user data stored in the user data
memory 13 of the mobile communication device. If the
PIN number is incorrect, steps S300 and S300 are repeated
n times at maximum.
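
An added sketch, not part of the patent text, of the flow in [0026] to [0029] and Fig. 4: an access key is derived from SIM-data and the identification string and then used to code and decode stored user data, with an authentication tag taking the place of the clear-text-or-garbage check of [0028]. Assumptions: PBKDF2 and an HMAC-based keystream stand in for the A3/A8-like key generation and the coding/decoding means 11, and all function names, IMSI values, the salt and the sample record are constructed.

```python
import hashlib
import hmac
import os

def derive_access_key(sim_data: bytes, identification: str, salt: bytes) -> bytes:
    """Access key generation (means 21): binds the key to SIM-data and the user's string.
    PBKDF2-HMAC-SHA256 is an assumed stand-in for the A3/A8-like algorithm on the SIM."""
    return hashlib.pbkdf2_hmac("sha256", identification.encode(),
                               salt + sim_data, 100_000, dklen=64)

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC in counter mode: a keyed generator in place of a seeded random number generator.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def code(access_key: bytes, user_data: bytes) -> bytes:
    """Coding step of memory access means 11: returns nonce || ciphertext || tag."""
    enc_key, mac_key = access_key[:32], access_key[32:]
    nonce = os.urandom(16)
    stream = _keystream(enc_key, nonce, len(user_data))
    ciphertext = bytes(a ^ b for a, b in zip(user_data, stream))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag

def decode(access_key: bytes, blob: bytes):
    """Decoding step: returns the user data, or None if the key does not fit the blob."""
    if len(blob) < 48:
        return None
    enc_key, mac_key = access_key[:32], access_key[32:]
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong SIM or wrong identification string: nothing is released
    stream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, stream))

def demo():
    salt = b"constructed-per-device-salt"
    imsi_owner, imsi_other = b"001010123456789", b"001010987654321"  # constructed IMSIs
    record = b"inbox: meeting moved to 10:00"                         # constructed user data
    blob = code(derive_access_key(imsi_owner, "owner-passphrase", salt), record)
    return (decode(derive_access_key(imsi_owner, "owner-passphrase", salt), blob),
            decode(derive_access_key(imsi_other, "owner-passphrase", salt), blob),
            decode(derive_access_key(imsi_owner, "guess", salt), blob))

if __name__ == "__main__":
    print(demo())  # only the first entry is the record
```

The IMSI and SIM serial number are identifiers rather than secrets, so in this sketch the secrecy of the key rests on the identification string, while the SIM-data binds the stored data to one card.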

[0044] Although the present invention has been described
with respect to preferred embodiments thereof,
it should be understood that many modifications can be
performed without departing from the scope of the invention
as defined by the appended claims.

[0045] Particularly, the communication device is not
limited to a mobile phone.



A method for protecting user data stored in a memory
of a mobile communication device, particularly
a mobile phone, comprising the following steps:

inputting an identification string; and

associating an internal access key with said
identification string to provide access to corresponding
user data stored in the user data
memory (13) of the mobile communication device
(10).



The method according to one of the preceding
claims 2 to 4, wherein the SIM-data which is used
as the basis for an access key is specified by a primary
user.

6. The method according to one of the preceding
claims 2 to 5, wherein the SIM-data which is used
as the basis for an access key is specified by the
network provider of the mobile communication device
(10).

7. The method according to claim 2, wherein the SIM-data
is the International Mobile Subscriber Identity
IMSI or SIM card serial number.

8. The method according to one of the preceding
claims 2 to 7, wherein the SIM-data which is used
as the basis for an access key is specified by the
manufacturer of the mobile communication device
(10).

9. The method according to one of the preceding
claims, wherein the identification string is the personal
identification name and/or the password
which are input by a user.

10. The method according to one of the preceding
claims, wherein the identification string is the personal
unblocking code PUC.

11. The method according to one of the preceding
claims 3 to 10, wherein the coding/decoding algorithm
is stored in a storage area of the user data
memory (13).



12. The method according to one of the preceding
claims 2 to 11, wherein the coding/decoding algorithm
is stored in the SIM-card (20).

13. The method according to one of the preceding
claims, wherein the user data memory (13) is subdivided
into user data storage areas which are accessible
by inputting corresponding passwords
(12).

14. The method according to claim 14, wherein the
identification string is sent to the mobile phone by
the network provider as part of a cancellation command
specified by the network provider to access
the user data memory (13) for deleting user data
and/or corresponding identifications stored within
the user data memory (13).